The University of Miami suffered a data security incident that affected a limited number of UHealth – University of Miami Health System patients.
An employee experienced identity theft that included an intrusion into their work-associated UM email account.
The emails containing the name and medical record numbers of some patients were forwarded to a third-party email account.
Source: https://www.databreaches.net/university-of-miami-health-breach-notice/
TPRM report: https://scoringcyber.rankiteo.com/company/umiamihealth
"id": "uni18129123",
"linkid": "umiamihealth",
"type": "Breach",
"date": "01/2023",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Healthcare',
'location': 'Miami, Florida',
'name': 'University of Miami Health System',
'type': 'Healthcare'}],
'attack_vector': 'Email Account Intrusion',
'data_breach': {'data_exfiltration': True,
'file_types_exposed': ['Emails'],
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Name',
'Medical Record Numbers']},
'description': 'The University of Miami suffered a data security incident '
'that affected a limited number of UHealth – University of '
'Miami Health System patients. An employee experienced '
'identity theft that included an intrusion into their '
'work-associated UM email account. The emails containing the '
'name and medical record numbers of some patients were '
'forwarded to a third-party email account.',
'impact': {'data_compromised': ['Name', 'Medical Record Numbers']},
'initial_access_broker': {'entry_point': 'Email Account'},
'title': 'Data Security Incident at University of Miami Health System',
'type': 'Data Breach',
'vulnerability_exploited': 'Identity Theft'}